Industry executives and experts share their predictions for 2025. Read them in this 17th annual VMblog.com series exclusive.

By Yonit Glozshtein, Director of Product Management, Oasis Security
Cybersecurity incidents stemming from the exploitation of non-human identities (NHIs) put business continuity at risk. In a recent security incident, Cisco confirmed that a threat actor accessed and downloaded its data and customer data. The threat actor offered to sell the stolen data on BreachForums, listing the NHI secrets it contained: hard-coded credentials, certificates, API tokens, and private keys. Cisco later added that the data in question had been in a public-facing DevHub environment. Cybersecurity incidents have devastating consequences, including erosion of customer trust, partner attrition, data exfiltration, and monetary loss.
As awareness of the need to properly secure and manage NHIs grows, CISOs are prioritizing Non-Human Identity Management (NHIM). In practice, this means allocating additional budget to address identity management gaps that have long been overlooked. Research from analyst firm Enterprise Strategy Group (ESG) found that 83% of organizations expect to spend relatively more on NHI security in the next 12 months, with nearly one in five expecting to spend significantly more.
Despite the recognized importance of NHIM, many organizations are guided by fear when it comes to how they manage their non-human identities. Consider secret rotation: whether prompted by a breach, a compliance mandate, or the need to enhance operational efficiency, it remains an indispensable practice. However, in many cases secret rotation is performed only as a last resort, by brute force, rather than operationalized programmatically. Security and IT leaders may be familiar with the "scream test": remove the item, wait for someone to scream because something broke, and put it back if they do. Applied to secrets, a secret is disabled to see who complains; the complaint reveals that the secret is in active use and who is using it.
In addition to endangering business continuity, this manual process is tedious, incomplete and unrepeatable, and it leads to oversight, inefficiency, and increased risk of exposure. Automated tools and processes are essential for ensuring comprehensive, efficient, and repeatable secret management across the organization. Only with reliable automation can organizations make secret rotation a programmatic, seamless process that works in the background without causing unnecessary operations or business disruption.
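The contrast between the scream test and programmatic rotation, as an added example (not Oasis Security's code or product): the old secret version is deprecated rather than deleted, every successful authentication is attributed to a version and a caller, and the old version is revoked only once nothing has used it for the whole grace window. Consumers still presenting the old version are reported to the owner instead of being cut off. The secret names, callers, dates and the seven-day window are constructed sample values.

```python
"""Programmatic secret rotation with an overlap window.

Added illustration, not Oasis Security code. Instead of disabling a secret and
waiting for screams, the old version stays valid for a grace period, use of
each version is recorded, and revocation happens only when the window passed
without anyone using the old version. All sample data below is constructed.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Optional
import secrets


@dataclass
class SecretVersion:
    version: int
    value: str
    created_at: datetime
    state: str = "active"                  # active | deprecated | revoked
    deprecated_at: Optional[datetime] = None
    last_used: Optional[datetime] = None   # set on each successful authentication
    last_caller: Optional[str] = None      # who presented this version last


@dataclass
class ManagedSecret:
    name: str
    owner: str
    versions: list = field(default_factory=list)

    def current(self) -> SecretVersion:
        """The newest active version is what new consumers should receive."""
        return max((v for v in self.versions if v.state == "active"),
                   key=lambda v: v.version)


def rotate(secret: ManagedSecret, now: datetime) -> SecretVersion:
    """Issue a new version; the previous one is deprecated, not deleted."""
    old = secret.current()
    old.state, old.deprecated_at = "deprecated", now
    new = SecretVersion(old.version + 1, secrets.token_urlsafe(32), now)
    secret.versions.append(new)
    return new


def authenticate(secret: ManagedSecret, presented: str, caller: str,
                 now: datetime) -> str:
    """Accept active and deprecated versions and return the version state so
    the call site can log deprecated use. Revoked or unknown values are rejected."""
    for v in secret.versions:
        if v.state != "revoked" and secrets.compare_digest(
                v.value.encode(), presented.encode()):
            v.last_used, v.last_caller = now, caller
            return v.state
    return "rejected"


def finalize_rotation(secret: ManagedSecret, now: datetime,
                      grace: timedelta = timedelta(days=7)) -> dict:
    """Revoke deprecated versions that went unused for the whole grace window.
    Versions still in use are reported with their last caller for the owner to
    migrate; versions whose window has not elapsed yet are listed as pending."""
    report = {"revoked": [], "still_in_use": [], "pending": []}
    for v in secret.versions:
        if v.state != "deprecated":
            continue
        if now - v.deprecated_at < grace:
            report["pending"].append(v.version)
        elif v.last_used is not None and v.last_used >= v.deprecated_at:
            report["still_in_use"].append((v.version, v.last_caller))
        else:
            v.state = "revoked"
            report["revoked"].append(v.version)
    return report


if __name__ == "__main__":
    t0 = datetime(2025, 1, 1, tzinfo=timezone.utc)
    key = ManagedSecret("billing-api-key", "team-payments",
                        [SecretVersion(1, "old-value-constructed", t0 - timedelta(days=90))])
    fresh = rotate(key, t0)
    # A forgotten cron job keeps using the old version after rotation.
    authenticate(key, "old-value-constructed", "legacy-cron", t0 + timedelta(days=2))
    print(finalize_rotation(key, t0 + timedelta(days=8)))
```

The report is the output a rotation job would hand to the secret's owner: a `still_in_use` entry names the consumer that must be migrated before the old version can be revoked, which is exactly the information the scream test extracts by breaking something.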
Stale or orphaned NHIs that should have been decommissioned - but have not been - also pose a risk. An orphaned NHI is an NHI that is no longer in use but is still enabled and has active permissions. Stale or orphaned NHIs are generally the outcome of changes in business operations, such as concluding work with third-party vendors, shifts in organizational structure like an employee leaving the company or transitioning to a new role, or technology changes, such as replacing an application. These NHIs represent a significant danger as they increase the attack surface and can serve as potential backdoors for extended periods without detection. Cases like Cloudflare's recent incident demonstrate these issues first-hand.
However, offboarding NHIs is a complex and error-prone process without the right tool for the job. The most common pain points are lack of visibility (users do not know which NHIs are unused) and operational risk (users do not know what an NHI is for and fear breaking something). Insufficient understanding of security posture, rapidly evolving business needs, and ambiguous ownership are additional challenges. This creates a tension: failure to follow best practices creates huge risks for enterprises, yet implementing them without the proper solutions in place leads to issues of its own. In 2025, there is a burgeoning need for organizations to adopt a proactive approach to non-human identity management.
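The inventory review the two preceding paragraphs describe, as an added example (not Oasis Security's code or product): each NHI record carries the context a reviewer needs (what kind of identity it is, who owns it, what it can do, when it was last used), and the review flags identities that are still enabled but unused, have no recorded owner, or belong to a person or vendor who has left, ranking them by privilege so the broadest-permission ones are handled first. The identity names, permissions and dates are constructed sample data, and the 90-day unused threshold is an assumed policy value.

```python
"""Stale and orphaned NHI review over an inventory.

Added illustration, not Oasis Security code. An orphaned NHI is one that is no
longer in use but still enabled with active permissions; the review below
finds those, together with ownerless identities and identities whose owner has
been offboarded. All records are constructed sample data.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import List, Optional


@dataclass
class NHI:
    name: str
    kind: str                      # service-account | api-key | oauth-app | certificate
    enabled: bool
    permissions: List[str]
    created: datetime
    last_used: Optional[datetime]  # None = no use ever observed
    owner: Optional[str]           # person, team or vendor; None = nobody recorded
    owner_active: bool             # False once the owner left or the contract ended


# Heuristic markers for broad permissions; adapt to the platform's naming scheme.
PRIVILEGED_MARKERS = ("admin", "owner", "*")


def findings_for(nhi: NHI, now: datetime,
                 stale_after: timedelta = timedelta(days=90)) -> List[str]:
    """Return the reasons an enabled identity needs review; [] means healthy."""
    if not nhi.enabled:
        return []                  # already disabled: no active permissions to abuse
    reasons = []
    if nhi.last_used is None:
        if now - nhi.created > stale_after:
            reasons.append("never used since creation")
    elif now - nhi.last_used > stale_after:
        reasons.append(f"unused for {(now - nhi.last_used).days} days")
    if nhi.owner is None:
        reasons.append("no owner recorded")
    elif not nhi.owner_active:
        reasons.append(f"owner '{nhi.owner}' offboarded")
    return reasons


def severity(nhi: NHI) -> str:
    """Broad permissions make an orphaned identity a more valuable backdoor."""
    privileged = any(m in p.lower() for p in nhi.permissions for m in PRIVILEGED_MARKERS)
    return "high" if privileged else "medium"


def review(inventory: List[NHI], now: datetime) -> List[dict]:
    """Produce a prioritised worklist: high-privilege findings first, then by name."""
    out = []
    for nhi in inventory:
        reasons = findings_for(nhi, now)
        if reasons:
            out.append({"name": nhi.name, "kind": nhi.kind, "severity": severity(nhi),
                        "permissions": nhi.permissions, "reasons": reasons,
                        "action": "disable with owner notification, delete after review"})
    out.sort(key=lambda f: (f["severity"] != "high", f["name"]))
    return out


def sample_inventory(now: datetime) -> List[NHI]:
    """Constructed records covering a vendor departure, a healthy key, an
    ownerless never-used certificate and an already-disabled app."""
    d = timedelta
    return [
        NHI("vendor-etl-sa", "service-account", True, ["storage.admin"],
            now - d(days=400), now - d(days=200), "acme-vendor", False),
        NHI("ci-deploy-key", "api-key", True, ["repo:write"],
            now - d(days=30), now - d(days=1), "platform-team", True),
        NHI("legacy-report-cert", "certificate", True, ["reports:read"],
            now - d(days=120), None, None, False),
        NHI("old-oauth-app", "oauth-app", False, ["*"],
            now - d(days=700), now - d(days=600), "former-employee", False),
    ]


if __name__ == "__main__":
    now = datetime(2025, 1, 15, tzinfo=timezone.utc)
    for finding in review(sample_inventory(now), now):
        print(finding)
```

The `action` field deliberately stops at disabling rather than deleting: disabling is reversible, so a mistaken finding costs a re-enable rather than a rebuilt credential, and the owner named in the record is who gets notified instead of whoever happens to scream.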
Organizations must seek solutions that provide a holistic inventory of NHIs with rich contextual information. By investing in comprehensive NHI governance and management practices, organizations can mitigate the risks posed by these security holes. This, in turn, will strengthen their security posture, safeguard sensitive data, and help ensure compliance with regulatory requirements in an increasingly complex and interconnected digital landscape.
## ABOUT THE AUTHOR

Yonit Glozshtein is the Director of Product Management at Oasis Security.